CISSP Questions and Answers 03

QUESTION 165:
Which one of the following is true about information that is designated with the highest of
confidentiality in a private sector organization?
A. It is limited to named individuals and creates an audit trail.
B. It is restricted to those in the department of origin for the information.
C. It is available to anyone in the organization whose work relates to the subject and requires
authorization for each access.
D. It is classified only by the information security officer and restricted to those who have made
formal requests for access.
Answer: C
QUESTION 166:
Related to information security, confidentiality is the opposite of which of the following?
A. closure
B. disclosure
C. disposal
D. disaster
Answer: B
QUESTION 167:
What is the main concern of the Bell-LaPadula security model?
A. Accountability
B. Integrity
C. Confidentiality
D. Availability
Answer: C
“An important thing to note is that the Bell-LaPadula model was developed to make sure secrets
stay secret; thus, it provides and addresses confidentiality only. This model does not address
integrity of the data the system maintains – only who can and cannot access the data.” Pg 214
Shon Harris: All-in-One CISSP Certification
QUESTION 168:
Which of the following are the limitations of the Bell-LaPadula model?
A. No policies for changing access data control.
B. All of the choices.
C. Contains covert channels.
D. Static in nature.
Answer: B
Explanation:
Limitations of the BLP model:
Have no policies for changing access data control
Intended for systems with static security levels
Contains covert channels: a low subject can detect the existence of a high object when
it is denied access. Sometimes it is not enough to hide the content of an object; its
existence may also have to be hidden.
Restricted to confidentiality
QUESTION 169:
Which of the following is a state machine model capturing confidentiality aspects of access
control?
A. Clarke Wilson
B. Bell-LaPadula
C. Chinese Wall
D. Lattice
Answer: B
Explanation:
Bell-LaPadula is a state machine model capturing confidentiality aspects of access
control. Access permissions are defined through an Access Control matrix and through a
partial ordering of security levels. Security policies prevent information flowing
downwards from a high security level to a low security level. BLP only considers the
information flow that occurs when a subject observes or alters an object.
QUESTION 170:
With the BLP model, access permissions are defined through:
A. Filter rules
B. Security labels
C. Access Control matrix
D. Profiles
Answer: C
Explanation:
Bell-LaPadula is a state machine model capturing confidentiality aspects of access
control. Access permissions are defined through an Access Control matrix and through a
partial ordering of security levels. Security policies prevent information flowing
downwards from a high security level to a low security level. BLP only considers the
information flow that occurs when a subject observes or alters an object.
QUESTION 171:
With the BLP model, security policies prevent information flowing downwards from a:
A. Low security level
B. High security level
C. Medium security level
D. Neutral security level
Answer: B
Explanation:
Bell-LaPadula is a state machine model capturing confidentiality aspects of access
control. Access permissions are defined through an Access Control matrix and through a
partial ordering of security levels. Security policies prevent information flowing
downwards from a high security level to a low security level. BLP only considers the
information flow that occurs when a subject observes or alters an object.
QUESTION 172:
When will BLP consider the information flow that occurs?
A. When a subject alters an object.
B. When a subject accesses an object.
C. When a subject observes an object.
D. All of the choices.
Answer: D
Explanation:
Bell-LaPadula is a state machine model capturing confidentiality aspects of access
control. Access permissions are defined through an Access Control matrix and through a
partial ordering of security levels. Security policies prevent information flowing
downwards from a high security level to a low security level. BLP only considers the
information flow that occurs when a subject observes or alters an object.
QUESTION 173:
In the Bell-LaPadula model, the Star-property is also called:
A. The simple security property
B. The confidentiality property
C. The confinement property
D. The tranquility property
Answer: C
QUESTION 174:
The Lattice Based Access Control model was developed MAINLY to deal with:
A. Affinity
B. None of the choices.
C. Confidentiality
D. Integrity
Answer: D
Explanation:
We think this is D:
“Identity-Based Access Control”
“…grant or deny access based on the identity of the subject. …user identity or group
membership.” Harris, 3rd Ed, p 163. Group membership would be part of a user profile.
Rule-based can be ID-based or “a set of complex rules that must be met. … Rule-based
access control is not necessarily identity based.” Harris, 3rd Ed, p 167. So item “C” is
out.
“A” and “B” are not access control methods. I would note that in Harris, there is no
reference to “ID based access control”. Role-based access control would be the VERY
best answer to the question; role information would be included as part of the user's
profile.
QUESTION 175:
With the Lattice Based Access Control model, a security class is also called a:
A. Control factor
B. Security label
C. Mandatory number
D. Serial ID
Answer: B
Explanation:
The Lattice Based Access Control model was developed to deal mainly with information
flow in computer systems. Information flow is clearly central to confidentiality but to
some extent it also applies to integrity. The basic work in this area was done around
1970 and was driven mostly by the defense sector. Information flow in computer systems
is concerned with flow from one security class (also called security label) to another.
These controls are applied to objects. An object is a container of information, and an
object can be a directory or file.
QUESTION 176:
Under the Lattice Based Access Control model, a container of information is a(n):
A. Object
B. Model
C. Label
Answer: A
Explanation:
The Lattice Based Access Control model was developed to deal mainly with information
flow in computer systems. Information flow is clearly central to confidentiality but to
some extent it also applies to integrity. The basic work in this area was done around
1970 and was driven mostly by the defense sector. Information flow in computer systems
is concerned with flow from one security class (also called security label) to another.
These controls are applied to objects. An object is a container of information, and an
object can be a directory or file.
QUESTION 177:
What Access Control model was developed to deal mainly with information flow in
computer systems?
A. Lattice Based
B. Integrity Based
C. Flow Based
D. Area Based
Answer: A
Explanation:
The Lattice Based Access Control model was developed to deal mainly with information
flow in computer systems. Information flow is clearly central to confidentiality but to
some extent it also applies to integrity. The basic work in this area was done around
1970 and was driven mostly by the defense sector. Information flow in computer systems
is concerned with flow from one security class (also called security label) to another.
These controls are applied to objects. An object is a container of information, and an
object can be a directory or file.
QUESTION 178:
The Lattice Based Access Control model was developed to deal mainly with ___________ in
computer systems.
A. Access control
B. Information flow
C. Message routes
D. Encryption
Answer: B
Explanation:
Information flow is clearly central to confidentiality but to some extent it also
applies to integrity. The basic work in this area was done around 1970 and was driven
mostly by the defense sector. Information flow in computer systems is concerned with
flow from one security class (also called security label) to another. These controls
are applied to objects. An object is a container of information, and an object can be a
directory or file.
QUESTION 179:
In the Lattice Based Access Control model, controls are applied to:
A. Scripts
B. Objects
C. Models
D. Factors
Answer: B
Explanation:
Information flow is clearly central to confidentiality but to some extent it also
applies to integrity. The basic work in this area was done around 1970 and was driven
mostly by the defense sector. Information flow in computer systems is concerned with
flow from one security class (also called security label) to another. These controls
are applied to objects. An object is a container of information, and an object can be a
directory or file.
QUESTION 180:
Access control techniques do not include:
A. Rule-Based Access Controls
B. Role-Based Access Controls
C. Mandatory Access Controls
D. Random Number Based Access Control
Answer: D
QUESTION 181:
An access control policy for a bank teller is an example of the implementation of which of
the following?
A. rule-based policy
B. identity-based policy
C. user-based policy
D. role-based policy
Answer: D
QUESTION 182:
Access control techniques do not include which of the following choices?
A. Relevant Access Controls
B. Discretionary Access Controls
C. Mandatory Access Controls
D. Lattice Based Access Controls
Answer: A
“Mandatory Access Control. The authorization of a subject’s access to an object depends upon
labels, which indicate the subject’s clearance, and the classification or sensitivity of the object.”
“Rule-based access control is a type of mandatory access control because rules determine this
access, rather than the identity of the subjects and objects alone.”
“Discretionary Access Control. The subject has authority, within certain limitations, to specify
what objects are accessible.”
“When a user with certain limitations has the right to alter the access control to certain objects,
this is termed as user-directed discretionary access control.”
“An identity-based access control is a type of a discretionary access control based on an
individual’s identity.”
“In some instances, a hybrid approach is used, which combines the features of user-based and
identity-based discretionary access control.”
“Non-discretionary Access Control. A Central authority determines what subjects can have
access to certain objects based on the organizational security policy.”
“The access controls might be based on the individual’s role in the organization (role-based) or
the subject’s responsibilities and duties (task-based).”
“[Lattice-based] In this type of control, a lattice model is applied.”
“Access control can be characterized as context-dependent or content dependent.”
Pg. 45-46 Krutz: The CISSP Prep Guide: Gold Edition
QUESTION 183:
What is called a type of access control where a central authority determines what subjects
can have access to certain objects, based on the organizational security policy?
A. Mandatory Access Control
B. Discretionary Access Control
C. Non-discretionary Access Control
D. Rule-based access control
Answer: C
Non-Discretionary Access Control. A central authority determines what subjects can have access
to certain objects based on organizational security policy. The access controls may be based on
the individual’s role in the organization (role-based) or the subject’s responsibilities and duties
(task-based).
Pg. 33 Krutz: The CISSP Prep Guide.
QUESTION 184:
In non-discretionary access control, a central authority determines what subjects can have
access to certain objects based on the organizational security policy. The access controls
may be based on:
A. the society’s role in the organization
B. the individual’s role in the organization
C. the group-dynamics as they relate to the individual’s role in the organization
D. the group-dynamics as they relate to the master-slave role in the organization
Answer: B
Non-Discretionary Access Control. A central authority determines what subjects can have access
to certain objects based on organizational security policy. The access controls may be based on
the individual’s role in the organization (role-based) or the subject’s responsibilities and duties
(task-based).
Pg. 33 Krutz: The CISSP Prep Guide.
QUESTION 185:
This is a common security issue that is extremely hard to control in large environments. It
occurs when a user has more computer rights, permissions, and privileges than what is
required for the tasks the user needs to fulfill. What best describes this scenario?
A. Excessive Rights
B. Excessive Access
C. Excessive Permissions
D. Excessive Privileges
Answer: D
QUESTION 186:
The default level of security established for access controls should be
A. All access
B. Update access
C. Read access
D. No access
Answer: D
“Need to Know and the Principle of Least Privilege are two standard axioms of high-security
environments. A user must have a need-to-know to gain access to data or resources. Even if that
user has an equal or greater security classification than the requested information, if they do not
have a need-to-know, they are denied access. A need-to-know is the requirement to have access
to, knowledge about, or possession of data or a resource to perform specific work tasks. The
principle of least privilege is the notion that users should be granted the least amount of access to
the secure environment as possible for them to be able to complete their work tasks.” Pg 399
Tittel: CISSP Study Guide
QUESTION 187:
Access Control techniques do not include which of the following choices?
A. Relevant Access Controls
B. Discretionary Access Control
C. Mandatory Access Control
D. Lattice Based Access Controls
Answer: A
QUESTION 188:
Which of the following is a type of mandatory access control?
A. Rule-based access control
B. Role-based access control
C. User-directed access control
D. Lattice-based access control
Answer: A
Reference: pg 46 Krutz: CISSP Prep Guide: Gold Edition
QUESTION 189:
A central authority determines what subjects can have access to certain objects based on
the organizational security policy is called:
A. Mandatory Access Control
B. Discretionary Access Control
C. Non-Discretionary Access Control
D. Rule-based Access Control
Answer: C
Reference: pg 46 Krutz: CISSP Prep Guide: Gold Edition
QUESTION 190:
What can be defined as a table of subjects and objects indicating what actions individual
subjects can take upon individual objects?
A. A capacity table
B. An access control list
C. An access control matrix
D. A capability table
Answer: C
QUESTION 191:
What access control methodology facilitates frequent changes to data permissions?
A. Rule-based
B. List-based
C. Role-based
D. Ticket-based
Answer: A
RBAC – This type of model provides access to resources based on the role the user holds within
the company or the tasks that user has been assigned. – Shon Harris All-in-One CISSP
Certification Guide pg 937
“Rule-based access control is a type of mandatory access control because rules determine this
access (such as the correspondence of clearance labels to classification labels), rather than the
identity of the subjects and objects alone.” – Ronald Krutz The CISSP PREP Guide (gold edition)
pg 45-46
QUESTION 192:
Which of the following is a means of restricting access to objects based on the identity of the subject to which
they belong?
A. Mandatory access control
B. Group access control
C. Discretionary access control
D. User access control
Answer: C
The question does not ask about the identity of the accessing subject; the question refers
to the subject to which the object belongs (i.e. the owner).
The owner setting the access rights is the definition of DAC.
“DAC systems grant or deny access based on the identity of the subject. ….” Harris, 3rd
Ed, p 163
QUESTION 193:
What is the method of coordinating access to resources based on the listing of permitted
IP addresses?
A. MAC
B. ACL
C. DAC
D. None of the choices.
Answer: B
Explanation:
The definition of ACL: A method of coordinating access to resources based on the
listing of permitted (or denied) users, network addresses or groups for each resource.
QUESTION 194:
What control is based on a specific profile for each user?
A. Lattice based access control.
B. Directory based access control.
C. Rule based access control.
D. ID based access control.
Answer: C
Explanation:
With this model, information can be easily changed for only one user but this scheme
may become a burden in a very large environment. A rule-based access control unit will
intercept every request to the server and compare the source specific access conditions
with the rights of the user in order to make an access decision. A good example could
be a firewall. Here a set of rules defined by the network administrator is recorded in
a file. Every time a connection is attempted (incoming or outgoing), the firewall
software checks the rules file to see if the connection is allowed. If it is not, the
firewall closes the connection.
QUESTION 195:
In a very large environment, which of the following is an administrative burden?
A. Rule based access control.
B. Directory based access control.
C. Lattice based access control
D. ID based access control
Answer: D
QUESTION 196:
Which of the following is a feature of the Rule based access control?
A. The use of profile.
B. The use of information flow label.
C. The use of data flow diagram.
D. The use of token.
Answer: A
Explanation:
Rule based access control is based on a specific profile for each user. Information can
be easily changed for only one user but this scheme may become a burden in a very large
environment. A rule-based access control unit will intercept every request to the
server and compare the source specific access conditions with the rights of the user in
order to make an access decision. A good example could be a firewall. Here a set of
rules defined by the network administrator is recorded in a file. Every time a
connection is attempted (incoming or outgoing), the firewall software checks the rules
file to see if the connection is allowed. If it is not, the firewall closes the
connection.
QUESTION 197:
What is an access control model?
A. A formal description of access control ID specification.
B. A formal description of security policy.
C. A formal description of a sensitivity label.
D. None of the choices.
Answer: B
Explanation:
What is an access control model? It is a formal description of a security policy. What
is a security policy? A security policy captures the security requirements of an
enterprise or describes the steps that have to be taken to achieve security. Security
models are used in security evaluation, sometimes as proofs of security.
QUESTION 198:
Which of the following is true about MAC?
A. It is more flexible than DAC.
B. It is more secure than DAC.
C. It is less secure than DAC.
D. It is more scalable than DAC.
Answer: B
Explanation:
Mandatory controls are access controls that are based on a policy that the user, and
more importantly the processes running with that user’s privileges, is not allowed to
violate. An example of this is “Top Secret” data is configured so that regardless of
what the user does, the data cannot be transmitted to someone who does not have “Top
Secret” status. Thus no “trojan horse” program could ever do what the user is not
allowed to do anyway. The restrictions of mandatory controls are (at least in normal
mode) also applied to the user who in a discretionary system would be “root”, or the
superuser.
QUESTION 199:
Which of the following is true regarding a secure access model?
A. Secure information cannot flow to a more secure user.
B. Secure information cannot flow to a less secure user.
C. Secure information can flow to a less secure user.
D. None of the choices.
Answer: B
Explanation:
Access restrictions such as access control lists and capabilities sometimes are not
enough. In some cases, information needs to be tightened further, sometimes by an
authority higher than the owner of the information. For example, the owner of a
top-secret document in a government office might deem the information available to many
users, but his manager might know the information should be restricted further than
that. In this case, the flow of information needs to be controlled — secure
information cannot flow to a less secure user.
QUESTION 200:
In the Information Flow Model, what acts as a type of dependency?
A. State
B. Successive points
C. Transformation
D. Flow
Answer: D
Explanation:
A flow is a type of dependency that relates two versions of the same object, and thus
the transformation of one state of that object into another, at successive points in
time.
QUESTION 201:
A firewall can be classified as a:
A. Directory based access control.
B. Rule based access control.
C. Lattice based access control.
D. ID based access control.
Answer: B
Explanation:
Rule based access control is based on a specific profile for each user. Information can
be easily changed for only one user but this scheme may become a burden in a very large
environment. A rule-based access control unit will intercept every request to the
server and compare the source specific access conditions with the rights of the user in
order to make an access decision. A good example could be a firewall. Here a set of
rules defined by the network administrator is recorded in a file. Every time a
connection is attempted (incoming or outgoing), the firewall software checks the rules
file to see if the connection is allowed. If it is not, the firewall closes the
connection.
QUESTION 202:
Which of the following are the two most well known access control models?
A. Lattice and Biba
B. Bell LaPadula and Biba
C. Bell LaPadula and Chinese Wall
D. Bell LaPadula and Info Flow
Answer: B
Explanation:
The two most well known models are Bell-LaPadula [1973] and Biba [1977]. Both were
designed in and for military environments.
QUESTION 203:
What security model implies a central authority that determines what subjects can have
access to what objects?
A. Centralized access control
B. Discretionary access control
C. Mandatory access control
D. Non-discretionary access control
Answer: D
“A role-based access control (RBAC) model, also called nondiscretionary access control, uses a
centrally administrated set of controls to determine how subjects and objects interact.” – Shon
Harris, “CISSP All-in-One Exam Guide”, 3rd Ed, p 165.
QUESTION 204:
Which of the following is best known for capturing security requirements of commercial
applications?
A. Lattice
B. Biba
C. Bell LaPadula
D. Clark and Wilson
Answer: D
Explanation:
This model attempts to capture security requirements of commercial applications.
‘Military’ and ‘Commercial’ are shorthand for different ways of using computers. This
model has emphasis on integrity:
Internal consistency: properties of the internal state of a system
External consistency: relation of the internal state of a system to the outside world
QUESTION 205:
Which of the following is a straightforward approach that provides access rights to
subjects for objects?
A. Access Matrix model
B. Take-Grant Model
C. Bell-LaPadula Model
D. Biba Model
Answer: A
“The access matrix is a straightforward approach that provides access rights to subjects for
objects. Access rights are of the type read, write, and execute. A subject is an active entity that is
seeking rights to a resource or object. A subject can be a person, a program, or a process. An
object is a passive entity, such as a file or a storage resource.” Pg 272 Krutz: CISSP Prep Guide:
Gold Edition.
QUESTION 206:
What is called the type of access control where there are pairs of elements that have the
least upper bound of values and greatest lower bound of values?
A. Mandatory model
B. Discretionary model
C. Lattice model
D. Rule model
Answer: C
Lattice-based access control provides an upper bound and lower bound of access capabilities for
every subject and object relationship.
Pg 156 Shon Harris All-In-One CISSP Certification Exam Guide
QUESTION 207:
Which access control would a lattice-based access control be an example of?
A. Mandatory access control
B. Discretionary access control
C. Non-discretionary access control
D. Rule-based access control
Answer: C
“Lattice-based access control is a variation of nondiscretionary access controls. Lattice-based
controls define upper and lower bounds of access for every relationship between object and
subject. These boundaries can be arbitrary, but they usually follow the military or corporate
security label levels.
Subjects under lattice-based access controls are said to have the least upper bound and the
greatest lower bound of access to labeled objects based on their assigned lattice position.”
Pg. 16 Tittel: CISSP Prep Guide
QUESTION 208:
Who developed one of the first mathematical models of a multilevel-security computer
system?
A. Diffie-Hellman
B. Clark and Wilson
C. Bell and LaPadula
D. Gasser and Lipner
Answer: C
QUESTION 209:
Which of the following was the first mathematical model of multilevel security policy?
A. Biba
B. Take-Grant
C. Bell-LaPadula
D. Clark Wilson
Answer: C
“In the 1970’s, the U.S. military used time-sharing mainframe systems and was concerned about
these systems and leakage of classified information. The Bell-LaPadula model was developed to
address these concerns. It was the first mathematical model of a multilevel security policy used
to define the concept of a secure state machine and modes of access and outline rules of access.”
Pg 212 Shon Harris: All-in-One CISSP Certification
QUESTION 210:
Which security model allows the data custodian to grant access privileges to other users?
A. Mandatory
B. Bell-LaPadula
C. Discretionary
D. Clark-Wilson
Answer: C
“Discretionary Access Control. The subject has authority, within certain limitations, to specify
what objects are accessible.” – Ronald Krutz The CISSP PREP Guide (gold edition) pg 46
QUESTION 211:
What is one issue NOT addressed by the Bell-LaPadula model?
A. Information flow control
B. Security levels
C. Covert channels
D. Access modes
Answer: C
Actualtests.com – The Power of Knowing
CISSP
As with any model, the Bell-LaPadula model has some weaknesses. These are the major ones.
The model considers normal channels of the information exchange and does not address covert
channels. -Ronald Krutz The CISSP PREP Guide (gold edition) pg 275-276
QUESTION 212:
Which one of the following access control models associates every resource and every user of a resource with
one of an ordered set of classes?
A. Take-Grant model
B. Biba model
C. Lattice model
D. Clark-Wilson model
Answer: C
“With a lattice model you first have to define a set of security classes that can be assigned to users or
objects… After you have defined the set of security classes, you define a set of flow operations
showing when information can flow from one class to another.” – Roberta Bragg, CISSP
Certification Training Guide (Que), pg 23
QUESTION 213:
What scheme includes the requirement that the system maintain the separation of duty
requirement expressed in the access control triples?
A. Bella
B. Lattice
C. Clark-Wilson
D. Bell-LaPadula
Answer: C
Explanation:
Separation of duty is necessarily determined by conditions external to the computer
system. The Clark-Wilson scheme includes the requirement that the system maintain the
separation of duty requirement expressed in the access control triples. Enforcement is
on a per-user basis, using the user ID from the access control triple.
QUESTION 214:
The access matrix model consists of which of the following parts? (Choose all that apply)
A. A function that returns an object’s type.
B. A list of subjects.
C. A list of objects.
Answer: A, B, C
Explanation:
The access matrix model consists of four major parts:
A list of objects
A list of subjects
A function T that returns an object’s type
The matrix itself, with the objects making the columns and the subjects making the rows
Note: This question seems to confuse access control matrix, Harris, 3rd Ed, p 169 with
access control types, Ibid, p 188ff
“An access control matrix is a table of subjects and objects indicating what actions …
subjects can take upon … objects”, Harris, 3rd Ed, p 169.
It would be right if item “A” was “a function that returned an access right”
QUESTION 215:
The access matrix model has which of the following common implementations?
A. Access control lists and capabilities.
B. Access control lists.
C. Capabilities.
D. Access control list and availability.
Answer: A
Explanation:
The two most used implementations are access control lists and capabilities. Access
control lists are achieved by placing on each object a list of users and their
associated rights to that object.
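The access matrix model of Questions 190, 214 and 215 (subjects as rows, objects as columns, a type function T, and the matrix itself) and its two implementations can be made concrete in code. The following is an added example written for this page, not code from the page or from any of the books it cites; the subjects, objects, rights and the type function are constructed sample values. It derives both the ACL view (one column per object) and the capability view (one row per subject) from the same matrix, and the check defaults to deny, which is the posture Question 186 asks for.

```python
"""Access matrix model and its two common implementations (ACLs and capabilities).

Added illustration, not code from the page or from any of the books it cites.
Subjects, objects, rights and the type function are constructed sample values.
"""
from typing import Dict, FrozenSet, List

Rights = FrozenSet[str]

# Constructed sample matrix: subjects are the rows, objects the columns, and each
# cell holds the rights that subject has over that object.  A missing cell means
# "no access", matching the default-deny posture (default level is no access).
ACCESS_MATRIX: Dict[str, Dict[str, Rights]] = {
    "alice": {"payroll.xlsx": frozenset({"read", "write"}),
              "ledger.db": frozenset({"read"})},
    "bob":   {"payroll.xlsx": frozenset({"read"}),
              "report.exe": frozenset({"execute"})},
    "carol": {"ledger.db": frozenset({"read", "write"}),
              "report.exe": frozenset({"execute"})},
}

# Constructed type function T: returns each object's type (the fourth part of
# the model as listed in Question 214).
OBJECT_TYPES: Dict[str, str] = {
    "payroll.xlsx": "file",
    "ledger.db": "database",
    "report.exe": "program",
}


def subjects() -> List[str]:
    """The list of subjects (the matrix rows)."""
    return sorted(ACCESS_MATRIX)


def objects() -> List[str]:
    """The list of objects (the matrix columns)."""
    return sorted(OBJECT_TYPES)


def object_type(obj: str) -> str:
    """The type function T."""
    return OBJECT_TYPES[obj]


def to_acls(matrix: Dict[str, Dict[str, Rights]]) -> Dict[str, Dict[str, Rights]]:
    """ACL implementation: keep each column with its object, i.e. for every
    object the list of subjects and the rights they hold on it."""
    acls: Dict[str, Dict[str, Rights]] = {obj: {} for obj in OBJECT_TYPES}
    for subj, row in matrix.items():
        for obj, rights in row.items():
            acls.setdefault(obj, {})[subj] = rights
    return acls


def to_capabilities(matrix: Dict[str, Dict[str, Rights]]) -> Dict[str, Dict[str, Rights]]:
    """Capability implementation: keep each row with its subject, i.e. for every
    subject the objects it may touch and the rights it holds on each."""
    return {subj: dict(row) for subj, row in matrix.items()}


def permitted(subj: str, obj: str, action: str,
              matrix: Dict[str, Dict[str, Rights]] = ACCESS_MATRIX) -> bool:
    """Reference-monitor style check: an unknown subject, an unknown object or an
    empty cell all yield False, so anything not explicitly granted is denied."""
    return action in matrix.get(subj, {}).get(obj, frozenset())


if __name__ == "__main__":
    for subj in subjects():
        for obj in objects():
            for act in ("read", "write", "execute"):
                print(subj, act, obj, object_type(obj), permitted(subj, obj, act))
```

The ACL and capability dictionaries contain exactly the same information as the matrix; the difference that matters operationally is which question each answers cheaply: an ACL answers "who can touch this object" in one lookup, a capability list answers "what can this subject touch" in one lookup, and revoking a subject's rights everywhere is easy with capabilities but requires walking every ACL.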
QUESTION 216:
The lattice-based model aims at protecting against:
A. Illegal attributes.
B. None of the choices.
C. Illegal information flow among the entities.
D. Illegal access rights
Answer: C
Explanation:
The lattice-based model aims at protecting against illegal information flow among the
entities. One security class is given to each entity in the system. A flow relation
among the security classes is defined to denote that information in one class can flow
into another class.
QUESTION 217:
Which of the following are the components of the Chinese wall model?
A. Conflict of interest.
B. All of the choices.
C. Subject
D. Company Datasets.
Answer: B
Explanation:
The model has the following components (component: example):
Subject: Analyst
Object: Data item for a single client
Company datasets: Each company has its own company dataset
Conflict of interest classes: For each object, the companies that have a conflict of interest
Labels: Company dataset + conflict of interest class
Sanitized information: No access restriction
QUESTION 218:
Enforcing minimum privileges for general system users can be easily achieved through the
use of:
A. TSTEC
B. RBAC
C. TBAC
D. IPSEC
Answer: B
Explanation:
Ensuring least privilege requires identifying what the user’s job is, determining the
minimum set of privileges required to perform that job, and restricting the user to a
domain with those privileges and nothing more. By denying to subjects transactions that
are not necessary for the performance of their duties, those denied privileges couldn’t
be used to circumvent the organizational security policy. Although the concept of least
privilege currently exists within the context of the TCSEC, requirements restrict those
privileges of the system administrator. Through the use of RBAC, enforced minimum
privileges for general system users can be easily achieved.
QUESTION 219:
What is necessary for a subject to have write access to an object in a Multi-Level Security
Policy?
A. The subject’s sensitivity label must dominate the object’s sensitivity label
B. The subject’s sensitivity label subordinates the object’s sensitivity label
C. The subject’s sensitivity label is subordinated by the object’s sensitivity label
D. The subject’s sensitivity label is dominated by the object’s sensitivity label
Answer: D
Reference:
“The Bell-LaPadula model has a simple security rule, which means that a subject cannot
read data from a higher level (no read up). The *-property rule means that a subject
cannot write to an object at a lower level (no write down).” – Shon Harris, “CISSP
All-in-One Exam Guide”, 3rd Ed, p 327. Therefore the object must be at the same or
higher level.
“The Bell-LaPadula model is an example of a multilevel security model…” – Shon Harris,
“CISSP All-in-One Exam Guide”, 3rd Ed, p 298.
“Simple security property. A subject can read an object if the access class of the
subject dominates the access class of the object. Thus, a subject can read down but
cannot read up.” Pg 105 Hansche: Official (ISC)2 Guide to the CISSP Exam
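The dominance relation, the simple security property and the *-property referred to in Question 219, the partial ordering of security levels of Questions 169 to 172, the least upper bound and greatest lower bound of Question 206, and the flow relation between security classes of Question 216 all fall out of one lattice of labels. The block below is an added example for this page, not code from the page or from any textbook it cites; the level names, the compartment names and the sample objects are constructed assumptions. It also shows the mitigation for the covert channel listed in Question 168: a lookup returns the same answer for an object that does not exist and for one the subject may not read, so a denial does not reveal that a higher-classified object exists.

```python
"""Bell-LaPadula read/write checks over a lattice of security labels.

Added example, not code from the page or from any textbook it cites. The level
ordering, compartment names and the sample objects are constructed assumptions.
"""
from dataclasses import dataclass
from typing import Dict, FrozenSet, List, Optional

# Constructed linear ordering of classification levels, lowest first.
LEVELS: List[str] = ["unclassified", "confidential", "secret", "top secret"]


@dataclass(frozen=True)
class Label:
    """A security label: a classification level plus a set of compartments."""
    level: str
    compartments: FrozenSet[str] = frozenset()

    def rank(self) -> int:
        return LEVELS.index(self.level)

    def dominates(self, other: "Label") -> bool:
        """Partial order on labels: the level is greater or equal AND the
        compartment set is a superset.  Two labels with disjoint compartments
        are incomparable, which is why this is a lattice rather than a chain."""
        return self.rank() >= other.rank() and self.compartments >= other.compartments


def join(a: Label, b: Label) -> Label:
    """Least upper bound: the lowest label that dominates both inputs."""
    return Label(LEVELS[max(a.rank(), b.rank())], a.compartments | b.compartments)


def meet(a: Label, b: Label) -> Label:
    """Greatest lower bound: the highest label that both inputs dominate."""
    return Label(LEVELS[min(a.rank(), b.rank())], a.compartments & b.compartments)


def can_read(subject: Label, obj: Label) -> bool:
    """Simple security property (no read up): the subject must dominate the object."""
    return subject.dominates(obj)


def can_write(subject: Label, obj: Label) -> bool:
    """*-property (no write down): the object must dominate the subject, so
    information can only flow upward in the lattice."""
    return obj.dominates(subject)


# Constructed sample objects: object name -> label.
OBJECTS: Dict[str, Label] = {
    "budget.txt": Label("confidential"),
    "plan-nuc.txt": Label("secret", frozenset({"nuc"})),
    "keys-crypto.txt": Label("secret", frozenset({"crypto"})),
    "brief.txt": Label("top secret", frozenset({"nuc", "crypto"})),
}


def open_object(subject: Label, name: str) -> Optional[Label]:
    """Return the object's label if the subject may read it, otherwise None.
    A missing object and an object the subject may not read give the same
    answer, so the response does not reveal whether a higher object exists."""
    label = OBJECTS.get(name)
    if label is None or not can_read(subject, label):
        return None
    return label


def readable(subject: Label) -> List[str]:
    """Names of the objects the subject may read, sorted."""
    return sorted(n for n, lbl in OBJECTS.items() if can_read(subject, lbl))


if __name__ == "__main__":
    analyst = Label("secret", frozenset({"nuc"}))
    print("analyst may read:", readable(analyst))
    print("analyst may write brief.txt:", can_write(analyst, OBJECTS["brief.txt"]))
```

Note that a Secret/{nuc} subject can neither read nor write a Secret/{crypto} object: the two labels are incomparable, and both properties require dominance in one direction or the other. That is the behaviour the "security class" and "flow relation" wording of Questions 206 and 216 describes, and it is why compartments add separation beyond what a plain level hierarchy gives.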
QUESTION 220:
Which of the following security modes of operation involves the highest risk?
A. Compartmented Security Mode
B. Multilevel Security Mode
C. System-High Security Mode
D. Dedicated Security Mode
Answer: B
“Security Modes
In a secure environment, information systems are configured to process information in one of
four security modes. These modes are set out by the Department of Defense as follows:
Systems running compartmental security mode may process two or more types of
compartmented information. All system users must have an appropriate clearance to access all
information processed by the system but do not necessarily have a need to know all of the
information in the system. Compartments are subcategories or compartments within the different
classification levels and extreme care is taken to preserve the information within the different
compartments. The system may be classified at the Secret level but contain five different
compartments, all classified Secret. If a user has only the need to know about two of the five
different compartments to do their job, that user can access the system but can only access the
two compartments. Compartmented systems are usually dedicated systems for each specific
compartment to prevent the chance of any errors, because compartmentalization is the most
secret of all the secrets.
Systems running in the dedicated security mode are authorized to process only a specific
classification level at a time, and all system users must have clearance and a need to know that
information.
Systems running in multilevel security mode are authorized to process information at more than
one level of security even when all system users do not have appropriate clearances or a need to
know for all information processed by the system.
Systems running in system-high security mode are authorized to process only information that
all system users are cleared to read and to have a valid need to know. These systems are not
trusted to maintain separation between security levels, and all information processed by these
systems must be handled as if it were classified at the same level as the most highly classified
information processed by the system.”
Pg. 234 Tittel: CISSP Study Guide
QUESTION 221:
Controlled Security Mode is also known as:
A. Multilevel Security Mode
B. Partitioned Security Mode
C. Dedicated Security Mode
D. System-high Security Mode
Answer: A
Reference: pg 264 Krutz: CISSP Prep Guide: Gold Edition
QUESTION 222:
The unauthorized mixing of data of one sensitivity level and need-to-know with data of a
lower sensitivity level, or different need-to-know, is called data
A. Contamination
B. Seepage
C. Aggregation
D. Commingling
Answer: A ?
WOW, if you are reading these comments then you know I have disagreed with a bunch of the
original answers! Well, here is another. The original was Seepage. I think it is Contamination.
“The intermixing of data at different sensitivity and need-to-know levels. The lower-level
data is said to be contaminated by the higher-level data; thus contaminating
(higher-level) data might not receive the required level of protection” – Ronald Krutz,
The CISSP Prep Guide (Gold Edition) pg 890
QUESTION 223:
Which one of the following should be employed to protect data against undetected
corruption?
A. Non-repudiation
B. Encryption
C. Authentication
D. Integrity
Answer: D
QUESTION 224:
Which of the following is a communication path that is not protected by the system’s
normal security mechanisms?
A. A trusted path
B. A protection domain
C. A covert channel
D. A maintenance hook
Answer: C
QUESTION 225:
A channel within a computer system or network that is designed for the authorized
transfer of information is identified as a(n)?
A. Covert channel
B. Overt channel
C. Opened channel
D. Closed channel
Answer: B
“An overt channel is a channel of communication that was developed specifically for
communication purposes. Processes should be communicating through overt channels, not covert
channels.” Pg 237 Shon Harris: All-In-One CISSP Certification Guide.
QUESTION 226:
Covert channel is a communication channel that can be used for:
A. Hardening the system.
B. Violating the security policy.
C. Protecting the DMZ.
D. Strengthening the security policy.
Answer: B
Explanation:
Covert channel is a communication channel that allows transfer of information in a
manner that violates the system’s security policy.
QUESTION 227:
What is an indirect way to transmit information with no explicit reading of confidential
information?
A. Covert channels
B. Backdoor
C. Timing channels
D. Overt channels
Answer: A
Explanation:
Covert channels: indirect ways of transmitting information with no explicit reading of
confidential information. Difficulties of this kind led some researchers to rethink
from scratch the whole problem of guaranteeing security in computer systems.
QUESTION 228:
Which one of the following describes a covert timing channel?
A. Modulated to carry an unintended information signal that can only be detected by special,
sensitive receivers.
B. Used by a supervisor to monitor the productivity of a user without their knowledge.
C. Provides the timing trigger to activate a malicious program disguised as a legitimate function.
D. Allows one process to signal information to another by modulating its own use of system
resources.
Answer: D
A covert channel in which one process signals information to another by modulating its own use
of system resources (for example, CPU time) in such a way that this manipulation affects the real
response time observed by the second process. – Shon Harris All-in-one CISSP Certification
Guide pg 929
QUESTION 229:
Covert channel analysis is required for
A. Systems processing Top Secret or classified information.
B. A Trusted Computer Base with a level of trust B2 or above.
C. A system that can be monitored in a supervisor state.
D. Systems that use exposed communication links.
Answer: B
Table 6.6 Standards Comparison (excerpt): B2 Structured Protection (covert channel, device
labels, subject sensitivity labels, trusted path, trusted facility management, configuration
management) corresponds to F4+E4 and EAL5. – Roberta Bragg, CISSP Certification Training
Guide (Que), pg 370
QUESTION 230:
In multi-processing systems, which one of the following lacks mandatory controls and is
NORMALLY AVOIDED for communication?
A. Storage channels
B. Covert channels
C. Timing channels
D. Object channels
Answer: B
Covert channel – A communication path that enables a process to transmit information in a way
that violates the system’s security policy.- Shon Harris All-in-one CISSP Certification Guide pg
929
QUESTION 231:
What security risk does a covert channel create?
A. A process can signal information to another process.
B. It bypasses the reference monitor functions.
C. A user can send data to another user.
D. Data can be disclosed by inference.
Answer: B
The risk is not that a process can signal another process. The risk is that the signaling
bypasses the reference monitor functions (i.e., the communication is not screened by the
security kernel that implements the reference monitor).
QUESTION 232:
What is the essential difference between a self-audit and an independent audit?
A. Tools used
B. Results
C. Objectivity
D. Competence
Answer: C
QUESTION 233:
What is called the formal acceptance of the adequacy of a system’s overall security by the
management?
A. Certification
B. Acceptance
C. Accreditation
D. Evaluation
Answer: C
QUESTION 234:
FIPS-140 is a standard for the security of:
A. Cryptographic service providers
B. Smartcards
C. Hardware and software cryptographic modules
D. Hardware security modules
Answer: C
QUESTION 235:
Which of the following will you consider as the MOST secure way of authentication?
A. Biometric
B. Password
C. Token
D. Ticket Granting
Answer: A
Explanation:
Biometric authentication systems take advantage of an individual’s unique physical
characteristics in order to authenticate that person’s identity. Various forms of
biometric authentication include face, voice, eye, hand, signature, and fingerprint,
each with its own advantages and disadvantages. When combined with the use of a PIN,
biometric authentication can provide two-factor authentication.
QUESTION 236:
In biometric identification systems, at the beginning, it was soon apparent that truly
positive identification could only be based on physical attributes of a person. This raised
the necessity of answering 2 questions:
A. what was the sex of a person and his age
B. what part of the body to be used and how to accomplish identification to be viable
C. what was the age of a person and his income level
D. what was the tone of the voice of a person and his habits
Answer: B
QUESTION 237:
What is called the percentage of invalid subjects that are falsely accepted?
A. False Rejection Rate (FRR) or Type I Error
B. False Acceptance Rate (FAR) or Type II Error
C. Crossover Error Rate (CER)
D. True Acceptance Rate (TAR) or Type III error
Answer: B
QUESTION 238:
Which of the following biometric devices has the highest Crossover Error Rate (CER)?
A. Iris scan
B. Hand Geometry
C. Voice pattern
D. Fingerprints
Answer: C
QUESTION 239:
Which of the following biometric parameters are better suited for authentication use over a
long period of time?
A. Iris pattern
B. Voice pattern
C. Signature dynamics
D. Retina pattern
Answer: A
QUESTION 240:
Which one of the following is the MOST critical characteristic of a biometrics system?
A. Acceptability
B. Accuracy
C. Throughput
D. Reliability
Answer: B
We don’t agree with the original answer, which was throughput. Granted, throughput is vital, but
Krutz lists accuracy as most important.
In addition to the accuracy of the biometric systems, there are OTHER factors that must also be
considered. These factors include the enrollment time, the throughput rate, and acceptability.
-Ronald Krutz The CISSP PREP Guide (gold edition) pg 51
QUESTION 241:
Which of the following biometric devices has the lowest user acceptance level?
A. Voice recognition
B. Fingerprint scan
C. Hand geometry
D. Signature recognition
Answer: B
QUESTION 242:
Biometric performance is most commonly measured in terms of:
A. FRR and FAR
B. FAC and ERR
C. IER and FAR
D. FRR and GIC
Answer: A
Explanation:
Biometric performance is most commonly measured in two ways: False Rejection Rate
(FRR), and False Acceptance Rate (FAR). The FRR is the probability that you are not
authenticated to access your account. A strict definition states that the FRR is the
probability that a mated comparison (i.e. 2 biometric samples of the same finger)
incorrectly determines that there is no match.
QUESTION 243:
What is the most critical characteristic of a biometric identifying system?
A. Perceived intrusiveness
B. Storage requirements
C. Accuracy
D. Reliability
Answer: C
QUESTION 244:
Which of the following biometric characteristics cannot be used to uniquely authenticate
an individual’s identity?
A. Retina scans
B. Iris scans
C. Palm scans
D. Skin scans
Answer: D
Biometrics:
Fingerprints
Palm Scan
Hand Geometry
Retina Scan
Iris Scan
Signature Dynamics
Keyboard Dynamic
Voice Print
Facial Scan
Hand Topology
Pg. 128-130 Shon Harris All-In-One CISSP Certification Exam Guide
QUESTION 245:
In biometric identification systems, at the beginning, it was soon apparent that truly
positive identification could only be based on physical attributes of a person. This raised
the necessity of answering 2 questions:
A. What was the sex of a person and his age
B. what part of body to be used and how to accomplish identification to be viable
C. what was the age of a person and his income level
D. what was the tone of the voice of a person and his habits
Answer: B
QUESTION 246:
You are comparing biometric systems. Security is the top priority. A low ________ is most
important in this regard.
A. FAR
B. FRR
C. MTBF
D. ERR
Answer: A
Explanation:
When comparing biometric systems, a low false acceptance rate is most important when
security is the priority. Whereas, a low false rejection rate is most important when
convenience is the priority. All biometric implementations balance these two criteria.
Some systems use very high FARs such as 1 in 300. This means that the likelihood that
the system will accept someone other than the enrolled user is 1 in 300. However, the
likelihood that the system will reject the enrolled user (its FRR) is very low, giving
them ease of use, but with low security. Most fingerprint systems should be able to run
with FARs of 1 in 10,000 or better.
QUESTION 247:
Almost all types of detection permit a system’s sensitivity to be increased or decreased
during an inspection process. To have a valid measure of the system performance:
A. The CER is used.
B. the FRR is used
C. the FAR is used
D. none of the above choices is correct
Answer: A
“When a biometric system rejects an authorized individual, it is called a Type 1 error. When the
system accepts impostors who should be rejected, it is called a Type II error. The goal is to
obtain low numbers for each type of error. When comparing different biometric systems, many
different variables are used, but one of the most important variables is the crossover error rate
(CER). This rating is stated in a percentage and represents the point at which the false rejection
rate equals the false acceptance rate. This rating is the most important measurement when
determining the system’s accuracy.” Pg 113 Shon Harris: All-in-One CISSP Certification
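The FAR/FRR tradeoff and the crossover point described in the two explanations above, carried through on constructed match scores as an added example (not code from any CISSP guide): it sweeps the decision threshold, finds the CER, and shows the FRR cost of tuning for a strict FAR target.

```python
"""Biometric threshold tradeoff: FAR (Type II), FRR (Type I) and the crossover error rate.

Added example, not from any CISSP guide. The match scores below are constructed
for illustration; they do not come from a real biometric sensor.
"""
from typing import Iterable, List, Sequence, Tuple

# Constructed similarity scores on a 0-100 scale (hypothetical data).
# Mated comparisons: two samples of the same finger, i.e. the enrolled user.
GENUINE_SCORES: List[int] = [58, 62, 65, 68, 70, 72, 75, 78, 80, 82,
                             84, 86, 88, 90, 92, 94, 95, 96, 98, 99]
# Non-mated comparisons: samples of different fingers, i.e. impostors.
IMPOSTOR_SCORES: List[int] = [5, 10, 15, 20, 25, 30, 35, 40, 45, 48,
                              50, 52, 54, 56, 58, 60, 62, 64, 66, 70]


def far(impostor: Sequence[int], threshold: int) -> float:
    """False Acceptance Rate (Type II error): share of impostor comparisons
    whose score reaches the threshold and is therefore wrongly accepted."""
    return sum(1 for s in impostor if s >= threshold) / len(impostor)


def frr(genuine: Sequence[int], threshold: int) -> float:
    """False Rejection Rate (Type I error): share of genuine comparisons
    whose score falls below the threshold and is therefore wrongly rejected."""
    return sum(1 for s in genuine if s < threshold) / len(genuine)


def error_curve(genuine: Sequence[int], impostor: Sequence[int],
                thresholds: Iterable[int] = range(0, 101)) -> List[Tuple[int, float, float]]:
    """Sweep the decision threshold and record (threshold, FAR, FRR) at each step.
    Raising the threshold lowers FAR and raises FRR; lowering it does the reverse."""
    return [(t, far(impostor, t), frr(genuine, t)) for t in thresholds]


def crossover_error_rate(genuine: Sequence[int], impostor: Sequence[int]) -> Tuple[int, float]:
    """Find the threshold where FAR and FRR are closest (equal on a fine enough
    sweep) and return (threshold, CER). CER is the single accuracy figure used
    to compare systems whose sensitivity can be tuned up or down."""
    best_t, best_far, best_frr = min(
        error_curve(genuine, impostor),
        key=lambda row: (abs(row[1] - row[2]), row[0]),  # tie-break: lowest threshold
    )
    return best_t, (best_far + best_frr) / 2


def threshold_for_max_far(genuine: Sequence[int], impostor: Sequence[int],
                          max_far: float) -> Tuple[int, float, float]:
    """Security-first tuning: pick the lowest threshold whose FAR does not exceed
    max_far (e.g. 1/300 or 1/10000) and report the FRR the users will pay for it.
    Returns (threshold, achieved_far, resulting_frr)."""
    for t, f_acc, f_rej in error_curve(genuine, impostor):
        if f_acc <= max_far:
            return t, f_acc, f_rej
    raise ValueError("no threshold meets the FAR target")  # unreachable: FAR is 0 above max score


def one_in(rate: float) -> str:
    """Render a rate the way vendors quote it, e.g. 1/300 -> '1 in 300'."""
    return "0 (no errors observed)" if rate == 0 else f"1 in {round(1 / rate)}"


if __name__ == "__main__":
    t, cer = crossover_error_rate(GENUINE_SCORES, IMPOSTOR_SCORES)
    print(f"CER {cer:.0%} at threshold {t}")
    for target in (0.25, 0.05, 0.0):
        t, f_acc, f_rej = threshold_for_max_far(GENUINE_SCORES, IMPOSTOR_SCORES, target)
        print(f"FAR <= {target:.0%}: threshold {t}, FAR {one_in(f_acc)}, FRR {f_rej:.0%}")
```

On this constructed data the two curves cross at threshold 65 (CER 10%); pushing FAR to zero forces the threshold to 71 and rejects a quarter of genuine attempts, which is the convenience cost the Q246 explanation describes.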
QUESTION 248:
The quality of finger prints is crucial to maintain the necessary:
A. FRR
B. ERR and FAR
C. FAR
D. FRR and FAR
Answer: D
Explanation:
Another factor that must be taken into account when determining the necessary FAR and
FRR for your organization is the actual quality of the fingerprints in your user
population. ABC’s experience with several thousand users, and the experience of its
customers, indicates that a percentage of the populations do not have fingerprints of
sufficient quality to allow for authentication of the individual. Approximately 2.5% of
employees fall into this group in the general office worker population. For these
users, a smart card token with password authentication is recommended.
QUESTION 249:
By requiring the user to use more than one finger to authenticate, you can:
A. Provide statistical improvements in EAR.
B. Provide statistical improvements in MTBF.
C. Provide statistical improvements in FRR.
D. Provide statistical improvements in ERR.
Answer: C
Explanation:
Statistical improvements in false rejection rates can also be achieved by requiring the
user to use more than one finger to authenticate. Such techniques are referred to as
flexible verification.
QUESTION 250:
Which of the following is being considered as the most reliable kind of personal
identification?
A. Token
B. Finger print
C. Password
D. Ticket Granting
Answer: B
Explanation:
Every person’s fingerprint is unique and is a feature that stays with the person
throughout his/her life. This makes the fingerprint the most reliable kind of personal
identification because it cannot be forgotten, misplaced, or stolen. Fingerprint
authorization is potentially the most affordable and convenient method of verifying a
person’s identity.
QUESTION 251:
Which of the following methods is more microscopic and will analyze the direction of the
ridges of the fingerprints for matching?
A. None of the choices.
B. Flow direct
C. Ridge matching
D. Minutia matching
Answer: D
Explanation:
There are two approaches for capturing the fingerprint image for matching: minutia
matching and global pattern matching. Minutia matching is a more microscopic approach
that analyzes the features of the fingerprint, such as the location and direction of
the ridges, for matching. The only problem with this approach is that it is difficult
to extract the minutiae points accurately if the fingerprint is in some way distorted.
The more macroscopic approach is global pattern matching where the flow of the ridges
is compared at all locations between a pair of fingerprint images; however, this can be
affected by the direction that the image is rotated.
QUESTION 252:
Which of the following are the types of eye scan in use today?
A. Retinal scans and body scans.
B. Retinal scans and iris scans.
C. Retinal scans and reflective scans.
D. Reflective scans and iris scans.
Answer: B
Explanation:
There are two types of eye scan in use today for authentication purposes: retinal scans
and iris scans. Retinal Scan technology maps the capillary pattern of the retina, a
thin (1/50th inch) nerve on the back of the eye. To enroll, a minimum of five scans is
required, which takes 45 seconds. The subject must keep his head and eye motionless
within 1/2″ of the device, focusing on a small rotating point of green light. 320 – 400
points of reference are captured and stored in a 35-byte field, ensuring the measure is
accurate with a negligible false rejection rate.
This compares to 30-70 points of reference for a finger scan. Unfortunately a retinal
scan is considerably more intrusive than an iris scan and many people are hesitant to
use the device [Retina-scan]. In addition a significant number of people may be unable
to perform a successful enrolment, and there exist degenerative diseases of the retina
that alter the scan results over time. Despite these disadvantages, there are several
successful implementations of this technology [Retina-scan].
QUESTION 253:
Which of the following eye scan methods is considered to be more intrusive?
A. Iris scans
B. Retinal scans
C. Body scans
D. Reflective scans
Answer: B
Explanation:
There are two types of eye scan in use today for authentication purposes: retinal scans
and iris scans. Retinal Scan technology maps the capillary pattern of the retina, a
thin (1/50th inch) nerve on the back of the eye. To enroll, a minimum of five scans is
required, which takes 45 seconds. The subject must keep his head and eye motionless
within 1/2″ of the device, focusing on a small rotating point of green light. 320 – 400
points of reference are captured and stored in a 35-byte field, ensuring the measure is
accurate with a negligible false rejection rate.
This compares to 30-70 points of reference for a finger scan. Unfortunately a retinal
scan is considerably more intrusive than an iris scan and many people are hesitant to
use the device [Retina-scan]. In addition a significant number of people may be unable
to perform a successful enrolment, and there exist degenerative diseases of the retina
that alter the scan results over time. Despite these disadvantages, there are several
successful implementations of this technology [Retina-scan].
QUESTION 254:
Which of the following offers greater accuracy than the others?
A. Facial recognition
B. Iris scanning
C. Finger scanning
D. Voice recognition
Answer: B
Explanation:
Iris scanning offers greater accuracy than finger scanning, voice or facial
recognition, hand geometry or keystroke analysis. It is safer and less invasive than
retinal scanning, an important legal consideration [Nuger]. Any company thinking of
using biometrics would do well to ensure that they comply with existing privacy laws.
QUESTION 255:
In addition to the accuracy of the biometric systems, there are other factors that must also
be considered:
A. These factors include the enrollment time and the throughput rate, but not acceptability.
B. These factors do not include the enrollment time, the throughput rate, and acceptability.
C. These factors include the enrollment time, the throughput rate, and acceptability.
D. These factors include the enrollment time, but not the throughput rate, neither the
acceptability.
Answer: C
In addition to the accuracy of the biometric systems, there are OTHER factors that must also be
considered. These factors include the enrollment time, the throughput rate, and acceptability.
-Ronald Krutz The CISSP PREP Guide (gold edition) pg 51
QUESTION 256:
What physical characteristics does a retinal scan biometric device measure?
A. The amount of light reaching the retina
B. The amount of light reflected by the retina
C. The size, curvature, and shape of the retina
D. The pattern of blood vessels at the back of the eye
Answer: D
QUESTION 257:
Type II errors occur when which of the following biometric system rates is high?
A. False accept rate
B. False reject rate
C. Crossover error rate
D. Speed and throughput rate
Answer: A
There are three main performance issues in biometrics. These measures are as follows:
False Rejection Rate (FRR) or Type 1 Error. The percentage of valid subjects that are falsely
rejected.
False Acceptance Rate (FAR) or Type 2 Error. The percentage of invalid subjects that are falsely
accepted.
Crossover Error Rate (CER). The percent in which the False Rejection Rate equals the False
Acceptance Rate.
pg 38 Krutz: The CISSP Prep Guide
QUESTION 258:
Which of the following are the valid categories of hand geometry scanning?
A. Electrical and image-edge detection.
B. Mechanical and image-edge detection.
C. Logical and image-edge detection.
D. Mechanical and image-ridge detection.
Answer: B
Explanation:
Hand geometry reading (scanning) devices usually fall into one of two categories:
mechanical or image-edge detection. Both methods are used to measure specific
characteristics of a person’s hand such as length of fingers and thumb, widths, and
depth.
QUESTION 259:
In the world of keystroke dynamics, what represents the amount of time you hold down
a particular key?
A. Dwell time
B. Flight time
C. Dynamic time
D. Systems time
Answer: A
Explanation:
Keystroke dynamics looks at the way a person types at a keyboard. Specifically,
keyboard dynamics measures two distinct variables: “dwell time” which is the amount of
time you hold down a particular key and “flight time” which is the amount of time it
takes a person to switch between keys. Keyboard dynamics systems can measure one’s
keyboard input up to 1000 times per second.
QUESTION 260:
In the world of keystroke dynamics, what represents the amount of time it takes a person
to switch between keys?
A. Dynamic time
B. Flight time
C. Dwell time
D. Systems time.
Answer: B
Explanation:
Keystroke dynamics looks at the way a person types at a keyboard. Specifically,
keyboard dynamics measures two distinct variables: “dwell time” which is the amount of
time you hold down a particular key and “flight time” which is the amount of time it
takes a person to switch between keys. Keyboard dynamics systems can measure one’s
keyboard input up to 1000 times per second.
QUESTION 261:
Which of the following are the benefits of Keystroke dynamics?
A. Low cost
B. Unintrusive device
C. Transparent
D. All of the choices.
Answer: D
Explanation:
Keystroke dynamics is behavioral in nature. It works well with users that can “touch
type”. Key advantages in applying keyboard dynamics are that the device used in this
system, the keyboard, is unintrusive and does not detract from one’s work. Enrollment
as well as identification goes undetected by the user. Another inherent benefit to
using keystroke dynamics as an identification device is that the hardware (i.e.
keyboard) is inexpensive. Currently, plug-in boards, built-in hardware and firmware, or
software can represent keystroke dynamics systems.
QUESTION 262:
DSV as an identification method checks against a user’s:
A. Fingerprints
B. Signature
C. Keystrokes
D. Facial expression
Answer: B
Explanation:
Signature identification, also known as Dynamic Signature Verification (DSV), is
another natural fit in the world of biometrics since identification through one’s
signature occurs during many everyday transactions. Any process or transaction that
requires an individual’s signature is a prime contender for signature identification.
QUESTION 263:
Signature identification systems analyze what areas of an individual’s signature?
A. All of the choices EXCEPT the signing rate.
B. The specific features of the signature.
C. The specific features of the process of signing one’s signature.
D. The signature rate.
Answer: A
Explanation:
Signature identification systems analyze two different areas of an individual’s
signature: the specific features of the signature and specific features of the process
of signing one’s signature. Features that are taken into account and measured include
speed, pen pressure, directions, stroke length, and the points in time when the pen is
lifted from the paper.
QUESTION 264:
What are the advantages to using voice identification?
A. All of the choices.
B. Timesaving
C. Reliability
D. Flexibility
Answer: A
Explanation:
The many advantages to using voice identification include:
Considered a “natural” biometric technology
Provides eyes and hands-free operation
Reliability
Flexibility
Timesaving data input
Eliminate spelling errors
Improved data accuracy
QUESTION 265:
What are the methods used in the process of facial identification?
A. None of the choices.
B. Detection and recognition.
C. Scanning and recognition.
D. Detection and scanning.
Answer: B
Explanation:
The process of facial identification incorporates two significant methods: detection
and recognition.
QUESTION 266:
In the process of facial identification, the basic underlying recognition technology of facial
identification involves:
A. Eigenfeatures of eigenfaces.
B. Scanning and recognition.
C. Detection and scanning.
D. None of the choices.
Answer: A
Explanation:
Recognition is comparing the captured face to other faces that have been saved and
stored in a database. The basic underlying recognition technology of facial feature
identification involves either eigenfeatures (facial metrics) or eigenfaces. The German
word “eigen” refers to recursive mathematics used to analyze unique facial
characteristics.
QUESTION 267:
What is known as the probability that you are not authenticated to access your account?
A. ERR
B. FRR
C. MTBF
D. FAR
Answer: B
Explanation:
Biometric performance is most commonly measured in two ways: False Rejection Rate
(FRR), and False Acceptance Rate (FAR). The FRR is the probability that you are not
authenticated to access your account. A strict definition states that the FRR is the
probability that a mated comparison (i.e. 2 biometric samples of the same finger)
incorrectly determines that there is no match.
QUESTION 268:
What is known as the chance that someone other than you is granted access to your
account?
A. ERR
B. FAR
C. FRR
D. MTBF
Answer: B
Explanation:
The FAR is the chance that someone other than you is granted access to your account, in
other words, the probability that a non-mated comparison (i.e. two biometric samples of
different fingers) match. FAR and FRR numbers are generally expressed in terms of
probability.
QUESTION 269:
What is typically used to illustrate the comparative strengths and weaknesses of each
biometric technology?
A. Decipher Chart
B. Zephyr Chart
C. Cipher Chart
D. Zapper Chart
Answer: B
Explanation:
The Zephyr Chart illustrates the comparative strengths and weaknesses of each biometric
technology. The eight primary biometric technologies are listed around the outer
border, and for each technology the four major evaluation criteria are ranked from
outside (better) to inside (worse). Looking at dynamic signature verification (DSV)
will illustrate how the Zephyr Chart works.
QUESTION 270:
In terms of the order of effectiveness, which of the following technologies is the most
effective?
A. Fingerprint
B. Iris scan
C. Keystroke pattern
D. Retina scan
Answer: B
Explanation:
The order of effectiveness has not changed for a few years. It is still the same today
as it was three years ago. The list below presents them from most effective to least
effective:
Iris scan
Retina scan
Fingerprint
Hand geometry
Voice pattern
Keystroke pattern
Signature
QUESTION 271:
In terms of the order of effectiveness, which of the following technologies is the least
effective?
A. Voice pattern
B. Signature
C. Keystroke pattern
D. Hand geometry
Answer: B
Explanation:
The order of effectiveness has not changed for a few years. It is still the same today
as it was three years ago. The list below presents them from most effective to least
effective:
Iris scan
Retina scan
Fingerprint
Hand geometry
Voice pattern
Keystroke pattern
Signature
QUESTION 272:
In terms of the order of acceptance, which of the following technologies is the MOST
accepted?
A. Hand geometry
B. Keystroke pattern
C. Voice Pattern
D. Signature
Answer: C
Explanation:
The order of acceptance has slightly changed in the past years. It was Iris that was
the most accepted method three years ago but today we have Voice Pattern that is by far
the most accepted. Here is the list from most accepted first to least accepted at the
bottom of the list:
Voice Pattern
Keystroke pattern
Signature
Hand geometry
Handprint
Fingerprint
Iris
Retina pattern
QUESTION 273:
In terms of the order of acceptance, which of the following technologies is the LEAST
accepted?
A. Fingerprint
B. Iris
C. Handprint
D. Retina patterns
Answer: D
Explanation:
The order of acceptance has slightly changed in the past years. It was Iris that was
the most accepted method three years ago but today we have Voice Pattern that is by far
the most accepted. Here is the list from most accepted first to least accepted at the
bottom of the list:
Voice Pattern
Keystroke pattern
Signature
Hand geometry
Handprint
Fingerprint
Iris
Retina pattern
QUESTION 274:
Which of the following biometric characteristics cannot be used to uniquely authenticate
an individual’s identity?
A. Retina scans
B. Iris scans
C. Palm scans
D. Skin scans
Answer: D
QUESTION 275:
Which of the following is true of two-factor authentication?
A. It uses the RSA public-key signature based algorithm on integers with large prime factors
B. It requires two measurements of hand geometry
C. It does not use single sign-on technology
D. It relies on two independent proofs of identity
Answer: D
QUESTION 276:
What is Kerberos?
A. A three-headed dog from Egyptian Mythology
B. A trusted third-party authentication protocol
C. A security model
D. A remote authentication dial in user server
Answer: B
QUESTION 277:
Which of the following is true about Kerberos?
A. It utilized public key cryptography
B. It encrypts data after a ticket is granted, but passwords are exchanged in plain text
C. It depends upon symmetric ciphers
D. It is a second party authentication system
Answer: C
“Kerberos relies upon symmetric key cryptography, specifically Data Encryption Standard
(DES), and provides end-to-end security for authentication traffic between the client and the Key
Distribution Center (KDC).” Pg. 15 Tittel: CISSP Study Guide
QUESTION 278:
Kerberos depends upon what encryption method?
A. Public Key cryptography
B. Private Key cryptography
C. El Gamal cryptography
D. Blowfish cryptography
Answer: B
Kerberos uses symmetric key cryptography and provides end-to-end security, meaning that
information being passed between a user and a service is protected without the need of an
intermediate component. Although it allows the use of passwords for authentication, it was
designed specifically to eliminate the need for transmitting passwords over the network. Most
Kerberos implementations work with cryptography keys and shared secret keys (private keys)
instead of passwords. Pg 148 Shon Harris All-In-One CISSP Certification Exam Guide
QUESTION 279:
The primary service provided by Kerberos is which of the following?
A. non-repudiation
B. confidentiality
C. authentication
D. authorization
Answer: C
QUESTION 280:
Which of the following are authentication server systems with operational modes that can
implement SSO?
A. Kerberos, SESAME and KryptoKnight
B. SESAME, KryptoKnight and NetSP
C. Kerberos and SESAME
D. Kerberos, SESAME, KryptoKnight, and NetSP
Answer: D
“Scripts, directory services, thin clients, Kerberos, SESAME, NetSP, scripted access, and
KryptoKnight are examples of SSO mechanisms.”
Pg. 14 Tittel: CISSP Study Guide Second Edition
QUESTION 281:
Which of the following is a trusted, third party authentication protocol that was developed
under Project Athena at MIT?
A. Kerberos
B. SESAME
C. KryptoKnight
D. NetSP
Answer: A
“Kerberos is an authentication protocol and was designed in the mid-1980s as part of MIT’s
Project Athena.” Pg 129 Shon Harris: All-in-One CISSP Certification
QUESTION 282:
Which of the following is true about Kerberos?
A. It utilizes public key cryptography
B. It encrypts data after a ticket is granted, but passwords are exchanged in plain text.
C. It depends upon symmetric ciphers
D. It is a second party authentication system
Answer: C
QUESTION 283:
One of the differences between Kerberos and KryptoKnight is that there is:
A. a mapped relationship among the parties
B. a peer-to-peer relationship among the parties themselves
C. no peer-to-peer relationship among the parties and the KDC
D. a peer-to-peer relationship among the parties and the KDC
Answer: D
“KryptoKnight
The IBM KryptoKnight system provides authentication, SSO, and key distribution services. It was
designed to support computers with widely varying computational capabilities. KryptoKnight
uses a trusted Key Distribution Center (KDC) that knows the secret key of each party. One of the
differences between Kerberos and KryptoKnight is that there is a peer-to-peer relationship among
the parties and the KDC.”
Pg. 58 Krutz: The CISSP Prep Guide: Gold Edition
QUESTION 284:
Which of the following is the MOST secure network access control procedure to adopt when using a callback
device?
A. The user enters a userid and PIN, and the device calls back the telephone number that corresponds to the
userid.
B. The user enters a userid, PIN, and telephone number, and the device calls back the telephone number
entered.
C. The user enters the telephone number, and the device verifies that the number exists in its database before
calling back.
D. The user enters the telephone number, and the device responds with a challenge.
Answer: A
Explanation: Usually a request for a username and password takes place and the NAS may
hang up the call in order to call the user back at a predefined phone number. This is a
security activity that is used to try and ensure that only authenticated users are given
access to the network, and it reverses the long distance charges back to the
company…However, this security measure can be compromised if someone implements call
forwarding. – Shon Harris All-in-one CISSP Certification Guide pg 463
QUESTION 285:
What is called the access protection system that limits connections by calling back the
number of a previously authorized location?
A. Sendback system
B. Callback forward systems
C. Callback systems
D. Sendback forward systems
Answer: C
“Callback systems provide access protection by calling back the number of a previously
authorized location, but this control can be compromised by call forwarding.” Pg 48 Krutz:
CISSP Prep Guide: Gold Edition.
QUESTION 286:
A confidential number to verify a user’s identity is called a:
A. PIN
B. userid
C. password
D. challenge
Answer: A
QUESTION 287:
How are memory cards and smart cards different?
A. Memory cards normally hold more memory than smart cards
B. Smart cards provide a two-factor authentication whereas memory cards don’t
C. Memory cards have no processing power
D. Only smart cards can be used for ATM cards
Answer: C
“The main difference between memory cards and smart cards is the processing power. A
memory card holds information, but does not process information. A smart card has the
necessary hardware and logic to actually process information.” Pg 121 Shon Harris CISSP
All-In-One Exam Guide
QUESTION 288:
Devices in the form of credit-card-size memory cards or smart cards, or those resembling small
calculators, that are used to supply static and dynamic passwords are called:
A. Tickets
B. Tokens
C. Token passing networks
D. Coupons
Answer: B
QUESTION 289:
Tokens, as a way to identify users, are subject to what type of error?
A. Token error
B. Decrypt error
C. Human error
D. Encrypt error
Answer: C
Explanation:
Tokens are a fantastic way of ensuring the identity of a user. However, you must
remember that no system is immune to “human error”. If the token is lost with its PIN
written on it, or if it is loaned out together with the corresponding PIN, it would allow
masquerading. This is one of the greatest threats that you have with tokens.
QUESTION 290:
Which of the following factors may render a token based solution unusable?
A. Token length
B. Card size
C. Battery lifespan
D. None of the choices.
Answer: C
Explanation:
Another limitation of some of the tokens is their battery lifespan. For example, in the
case of SecurID you have a token that has a battery that will last from 1 to 3 years
depending on the type of token you acquired. Some token companies such as Cryptocard
have introduced tokens that have a small battery compartment allowing you to change the
battery when it is discharged.
QUESTION 291:
Memory only cards work based on:
A. Something you have.
B. Something you know.
C. None of the choices.
D. Something you know and something you have.
Answer: D
Explanation:
Memory Only Card – This type of card is the most common card. It has a magnetic stripe
on the back. These cards can offer two-factor authentication, the card itself
(something you have) and the PIN (something you know). Everyone is familiar with the
use of an ATM (Automated Teller Machine) card. These memory cards are very easy to
counterfeit. There was a case in Montreal where a storeowner would swipe the card
through for the transaction; he would then swipe it through a card reader to get a
copy while a small hidden camera was recording the PIN as the user was punching it
on the pad. This scheme was quickly identified because the victims had one point in common:
they all visited the same store.
QUESTION 292:
Which of the following is a disadvantage of a memory only card?
A. High cost to develop.
B. High cost to operate.
C. Physically infeasible.
D. Easy to counterfeit.
Answer: D
Explanation:
Memory Only Card – This type of card is the most common card. It has a magnetic stripe
on the back. These cards can offer two-factor authentication, the card itself
(something you have) and the PIN (something you know). Everyone is familiar with the
use of an ATM (Automated Teller Machine) card. These memory cards are very easy to
counterfeit. There was a case in Montreal where a storeowner would swipe the card
through for the transaction; he would then swipe it through a card reader to get a
copy, while a small hidden camera was recording the PIN as the user was punching it
on the pad. This scheme was quickly identified because the victims had one point in common:
they all visited the same store.
QUESTION 293:
The term “smart card” has which of the following meanings?
A. Personal identity token containing IC-s.
B. Processor IC card.
C. IC card with ISO 7816 interface.
D. All of the choices.
Answer: D
Explanation:
The word “smart card” has four different meanings (in order of usage frequency):
IC card with ISO 7816 interface
Processor IC card
Personal identity token containing IC-s
Integrated Circuit(s) Card is an ID-1 type (specified in ISO 7810) card, into which has
been inserted one or more integrated circuits. [ISO 7816]
QUESTION 294:
A processor card contains which of the following components?
A. Memory and hard drive.
B. Memory and flash.
C. Memory and processor.
D. Cache and processor.
Answer: C
Explanation:
Processor cards contain memory and a processor. They have remarkable data processing
capabilities. Very often the data processing power is used to encrypt/decrypt data,
which makes this type of card a very unique personal identification token. Data
processing also permits dynamic storage management, which enables the realization of
flexible multifunctional cards.
QUESTION 295:
Which of the following offers advantages such as the ability to use stronger passwords,
easier password administration, and faster resource access?
A. Smart cards
B. Single Sign-on (SSO)
C. Kerberos
D. Public Key Infrastructure (PKI)
Answer: B
QUESTION 296:
What is the main concern with single sign-on?
A. Maximum unauthorized access would be possible if a password is disclosed
B. The security administrator’s workload would increase
C. The users’ password would be too hard to remember
D. User access rights would be increased
Answer: A
QUESTION 297:
Which of the following describes the major disadvantage of many SSO implementations?
A. Once a user obtains access to the system through the initial log-on they can freely roam the
network resources without any restrictions
B. The initial logon process is cumbersome to discourage potential intruders
C. Once a user obtains access to the system through the initial log-on, they only need to logon
to some applications.
D. Once a user obtains access to the system through the initial log-on, he has to logout from all
other systems
Answer: A
Reference: “The major disadvantage of many SSO implementations is that once a user obtains
access to the system through the initial logon, the user can freely roam the network resources
without any restrictions.” pg 53 Krutz: CISSP Prep Guide: Gold Edition
QUESTION 298:
Which of the following addresses cumbersome situations where users need to log on
multiple times to access different resources?
A. Single Sign-On (SSO) systems
B. Dual Sign-On (DSO) systems
C. Double Sign-On (DSO) systems
D. Triple Sign-On (TSO) systems
Answer: A
QUESTION 299:
A method for a user to identify and present credentials only once to a system is known as:
A. SEC
B. IPSec
C. SSO
D. SSL
Answer: C
Explanation:
Single Sign-On (SSO) – This is a method for users to identify and present credentials
only once to a system. Information needed for future system access to resources is
forwarded by the initial system.
BENEFITS
More efficient user log-on process
Users select stronger passwords
Inactivity timeout and attempt thresholds applied uniformly closer to user point of
entry
Improved timely disabling of all network/computer accounts for terminated users
QUESTION 300:
Which of the following correctly describe the features of SSO?
A. More efficient log-on.
B. More costly to administer.
C. More costly to setup.
D. More key exchanging involved.
Answer: A
Explanation:
Single Sign-On (SSO) – This is a method for users to identify and present credentials
only once to a system. Information needed for future system access to resources is
forwarded by the initial system.
BENEFITS
More efficient user log-on process
Users select stronger passwords
Inactivity timeout and attempt thresholds applied uniformly closer to user point of
entry
Improved timely disabling of all network/computer accounts for terminated users